Sysdig Cloud Connector leverages Cloud Audit log like AWS CloudTrail, or GCP Audit log as the source of truth for operational audit, enabling governance, compliance, operational auditing, and risk auditing for your cloud accounts.
By leveraging AWS CloudTrail and the Falco language you will be able to detect any unexpected or unwanted behaviour in your AWS accounts.
All the components can be controlled using a simple YAML configuration, you can configure the sources of information, where the rules are loaded from and the notifiers to send alerts.
Following the batteries included philosophy, the Cloud Connector ships a set of rules out of the box.
You can find a listing of rules: